Changelog History
Page 2
-
v0.4.4 Changes
July 07, 2020- 🛠 Fix symbol lookup with namespaces. ([@palkan][])
🛠 Fixes #122.
- Separated
#classify-based and#camelize-based symbol lookups. ([@Be-ngt-oH][])
🚅 Only affects Rails apps. Now lookup for
:userstries to findUsersPolicyfirst (camelize), and only then search forUserPolicy(classify).👀 See PR#118.
- 🛠 Fix calling rules with
allowed_to?directly. ([@palkan][])
Fixes #113
-
v0.4.3 Changes
December 14, 2019- Add
#cache(*parts, **options) { ... }method. ([@palkan][])
👍 Allows you to cache anything in policy classes using the Action Policy cache key generation mechanism.
- 🚅 Handle versioned Rails cache keys. ([@palkan][])
Use
#cache_with_versionas a cache key if defined. - Add
-
v0.4.2 Changes
December 13, 2019- 🛠 Fix regression introduced in 0.4.0 which broke testing Class targets. ([@palkan][])
-
v0.4.1
December 13, 2019 -
v0.4.0 Changes
December 11, 2019🔋 Features
- Optional authorization context. (#95)
In addition to
allow_nil: true, we now have an option to skip the context altogether:class OptionalRolePolicy \< ActionPolicy::Baseauthorize :role, optional: trueendpolicy = OptionalRolePolicy.newpolicy.role #=\> nil- 🚅 Rails generators. (#87)
Now you can use
action_policy:installandaction_policy:policy MODELRails generators.- 🆕 New instrumentation event:
action_policy.init.
Triggered every time a new policy object is initialized.
🔄 Changes
- ✅ Composed matchers are supported in authorization target testing.
✅ Now you can write tests like this:
expect { subject }.to be\_authorized\_to(:show?, an\_instance\_of(User)) -
v0.3.4 Changes
November 27, 2019- 🛠 Fix Rails generators. ([@palkan][])
Only invoke install generator if
application_policy.rbis missing. 🛠 Fix hooking into test frameworks. -
v0.3.3 Changes
November 27, 2019- 👌 Improve pretty print functionality. ([@palkan][])
Colorize true/false values. 🖐 Handle multiline expressions and debug statements (i.e.,
binding.pry).- ➕ Add Rails generators. ([@nicolas-brousse][])
Adds
action_policy:installandaction_policy:policy MODELRails generators.- Optional authorization target. ([@somenugget][])
👍 Allows making authorization context optional:
class OptionalRolePolicy < ActionPolicy::Base authorize :role, optional: true end policy = OptionalRolePolicy.new policy.role #=> nil -
v0.3.2 Changes
May 26, 2019- 🛠 Fixed thread-safety issues with scoping configs. ([@palkan][])
🛠 Fixes #75.
-
v0.3.1 Changes
May 30, 2019- 🛠 Fixed bug with missing implicit target and hash like scoping data. ([@palkan][])
🛠 Fixes #70.
-
v0.3.0 Changes
April 02, 2019- ➕ Added ActiveSupport-based instrumentation. ([@palkan][])
👀 See PR#4
- 👍 Allow passing authorization context explicitly. ([@palkan][])
Closes #3.
Now it's possible to override implicit authorization context via
contextoption:authorize! target, to: :show?, context: {user: another_user} authorized_scope User.all, context: {user: another_user}- 📇 Renamed
#authorizedto#authorized_scope. ([@palkan][])
NOTE:
#authorizedalias is also available.- ➕ Added
Policy#pp(rule)method to print annotated rule source code. ([@palkan][])
Example (debugging):
def edit? binding.pry # rubocop:disable Lint/Debugger (user.name == "John") && (admin? || access_feed?) endpry> pp :edit? MyPolicy#edit? ↳ ( user.name == "John" #=> false ) AND ( admin? #=> false OR access_feed? #=> true ) )👀 See PR#63
- ➕ Added ability to provide additional failure reasons details. ([@palkan][])
Example:
class ApplicantPolicy < ApplicationPolicy def show? allowed_to?(:show?, object.stage) end end class StagePolicy < ApplicationPolicy def show? # Add stage title to the failure reason (if any) # (could be used by client to show more descriptive message) details[:title] = record.title # then perform the checks user.stages.where(id: record.id).exists? end end